Summary
The Manager, Cyber Architecture, Strategy & Design is the lead role in defining and assessing Teck's security strategy, architecture and practices. They will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services across both IT and Industrial OT environments.
The Manager will be an advocate of security requirements and objectives with constituencies, while also ensuring that security architecture and practices do not infringe on the needs of the business. Specifically, they will serve as the technical sounding board for the CISO's interaction with other line-of-business constituencies across Teck. The successful Manager is encouraged to evaluate new services, vendors, applications and security tools, among other items, from a technical perspective and translate the risk characteristics of these activities and functions into enterprise risk terms that the CISO can communicate to their colleagues.
Responsibilities
- Be a courageous safety leader; adhere to and sponsor safety and environmental rules and procedures.
- Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are aligned with business, technology and threat drivers across both IT and OT environments.
- Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
- Develop and maintain security architecture artifacts (models, patterns, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
- Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artifacts.
- Participate in application and infrastructure projects to provide security planning advice.
- Draft security procedures and standards to be reviewed and approved by executive management and / or formally authorized by the CISO or the individual responsible for overall security direction.
- Identify baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM).
- Develop standards and practices for data encryption and tokenization within Teck based on our data classification criteria.
- Conduct threat modeling of services and applications that tie to the risk and data associated with the service or application.
- Conduct security assessments of internal systems, applications and IT infrastructure as part of the overall risk management practice of the organization.
- Participate in vulnerability assessments and other security reviews of systems, and prioritize remediation based on the risk profile of the asset and guidance from the CISO or other executive management.
- Conduct application reviews to determine security flaws or other issues that would impact the confidentiality, integrity or availability of the system.
- Coordinate with DevOps teams to advocate secure coding practices and raise concerns related to poor coding practices to the CISO or the individual responsible for the overall security direction.
- Coordinate with the privacy officer to detail data flows of sensitive information within the organization (e.g., PII or ePHI) and recommend controls to ensure this data is adequately secured (e.g., encryption, tokenization, etc.).
- Validate IT and Cloud infrastructures and other reference architectures for security best practices, and recommend changes to improve security and reduce risk where applicable.
- Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPS), web application firewalls (WAF), anti-malware / endpoint protection systems, etc.
- Review network segmentation to ensure zero-trust / least privilege for network / cloud access.
- Conduct reviews of and supervise the change management function for security rule sets.
- Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.
- Support the testing and validation of internal security controls as advised by the CISO or IA team.
- Review security technologies, tools and services, and make recommendations to the broader security team for their use based on security, financial and operational metrics.
- Coordinate with operational and facility-management teams to assess the security of operational technology and Internet of Things (IoT) systems.
- Liaise with other security architects and security practitioners to share standard methodologies and insights.
Qualifications
- Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field.
- Expert-level experience in using architecture methodologies such as SABSA, Zachman and TOGAF.
- Documented experience and a strong working knowledge of the methodologies used to conduct threat-modeling exercises on applications, infrastructure and cloud services.
- One or more of the following security certifications: CISSP, CISM, CISA, TOGAF, GIAC.
- 5-10 years of experience as a cyber security architect that encompasses the following:
  - Cloud computing security
  - WAN security
  - Application security
  - Endpoint security
  - Logging and monitoring
  - Third-party risk management
  - Governance, risk and compliance
  - Cyber incident response
- Full-stack knowledge of IT infrastructure:
  - Applications
  - Databases
  - Operating systems (Windows, Unix and Linux)
  - Hypervisors
  - IP networks (WAN, LAN)
  - Storage networks (Fibre Channel, iSCSI and network-attached storage)
  - Backup networks and media
- Direct experience designing IAM technologies and services (e.g., Active Directory, LDAP, Amazon Web Services [AWS] IAM).
- Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
  - Change management
  - Configuration management
  - Asset management
  - Incident management
  - Problem management
- Experience designing the deployment of applications and infrastructure into public cloud services (e.g., AWS and Microsoft Azure).
- Validated experience with the following regulations, standards and frameworks:
  - Sarbanes-Oxley Act
  - General Data Protection Regulation (GDPR)
  - Privacy principles (best practices)
  - International Organization for Standardization (ISO) 27001/27002
  - ISA 62443
  - National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
- A background in the manufacturing, mining or energy/utilities sectors is preferred.
About Teck
At Teck, we value diversity. Our teams work collaboratively and respect each person's unique perspective and contribution.
Qualified applicants interested in joining a dynamic team are encouraged to submit a resume and cover letter electronically.